The Android-based malware blocked by WebPulse included an Android root exploit and a variety of rogue Android software. Forty percent of Android malware was delivered via malnets, demonstrating how cybercriminals can successfully utilize embedded infrastructures to attack mobile users. In the most recent six months, WebPulse also blocked an increasing number of unique malicious Android applications.

As for the breakdown of Android malware, Blue Coat noted 58 percent was Android root exploits and rogue software. Android malware via malnets—networks designed to deliver malicious payloads—was 40 percent of the total.

The Android malware issue is increasingly a buzz kill for the enterprise. CXOs are balking at having to support multiple flavors of Android and have largely focused on Apple’s iOS for their bring your own device policies.

Another notable nugget from the Blue Coat report was that pornography is a key threat vector on mobile devices. The catch is mobile users go to porn sites less than 1 percent of the time.

Blue Coat said:

In 2012, the most dangerous place for mobile users was pornography. More than 20 percent of the time that a user went to a malicious site, they were coming from a pornography site. It is important to note that mobile users are going to pornography sites less than one percent of the time. When they do visit pornography sites, though, they have a high risk of finding a threat.

Interestingly, when malware first moved to the Internet, pornography was one of the leading sources of malware for desktop users. The prevalence of pornography as the leading threat vector for desktop users has ebbed, giving way to attacks that target much larger user populations, such as search engine poisoning.

In the desktop environment, pornography continued to fall as a threat vector as it became easier to target a large number of users on places like search engines or social networking sites.